Java Code Examples for org.apache.hadoop.security.UserGroupInformation.getGroupNames()

The following are Jave code examples for showing how to use getGroupNames() of the org.apache.hadoop.security.UserGroupInformation class. You can vote up the examples you like. Your votes will be used in our system to get more good examples.
+ Save this method
Example 1
Project: ditb   File: TestUser.java   View Source Code Vote up 6 votes
@Test
public void testCacheGetGroupsRoot() throws Exception {
  // Windows users don't have a root user.
  // However pretty much every other *NIX os will have root.
  if (!SystemUtils.IS_OS_WINDOWS) {
    Configuration conf = HBaseConfiguration.create();
    UserProvider up = UserProvider.instantiate(conf);


    String rootUserName = "root";

    // Create two UGI's for this username
    UserGroupInformation ugiOne = UserGroupInformation.createRemoteUser(rootUserName);
    UserGroupInformation ugiTwo = UserGroupInformation.createRemoteUser(rootUserName);

    // Now try and get the user twice.
    User uOne = up.create(ugiOne);
    User uTwo = up.create(ugiTwo);

    // Make sure that we didn't break groups and everything worked well.
    assertArrayEquals(uOne.getGroupNames(),uTwo.getGroupNames());
    String[] groupNames = ugiOne.getGroupNames();
    assertTrue(groupNames.length > 0);
  }
}
 
Example 2
Project: hadoop-oss   File: AccessControlList.java   View Source Code Vote up 5 votes
/**
 * Checks if a user represented by the provided {@link UserGroupInformation}
 * is a member of the Access Control List
 * @param ugi UserGroupInformation to check if contained in the ACL
 * @return true if ugi is member of the list
 */
public final boolean isUserInList(UserGroupInformation ugi) {
  if (allAllowed || users.contains(ugi.getShortUserName())) {
    return true;
  } else if (!groups.isEmpty()) {
    for(String group: ugi.getGroupNames()) {
      if (groups.contains(group)) {
        return true;
      }
    }
  }
  return false;
}
 
Example 3
Project: hadoop-oss   File: GetGroupsTestBase.java   View Source Code Vote up 5 votes
private static String getExpectedOutput(UserGroupInformation user) {
  String expectedOutput = user.getUserName() + " :";
  for (String group : user.getGroupNames()) {
    expectedOutput += " " + group;
  }
  return expectedOutput + System.getProperty("line.separator");
}
 
Example 4
Project: QDrill   File: ImpersonationUtil.java   View Source Code Vote up 5 votes
/**
 * Given admin user/group list, finds whether the given username has admin privileges.
 *
 * @param userName User who is checked for administrative privileges.
 * @param adminUsers Comma separated list of admin usernames,
 * @param adminGroups Comma separated list of admin usergroups
 * @return
 */
public static boolean hasAdminPrivileges(final String userName, final String adminUsers, final String adminGroups) {
  // Process user is by default an admin
  if (getProcessUserName().equals(userName)) {
    return true;
  }

  final Set<String> adminUsersSet = Sets.newHashSet(SPLITTER.split(adminUsers));
  if (adminUsersSet.contains(userName)) {
    return true;
  }

  final UserGroupInformation ugi = createProxyUgi(userName);
  final String[] userGroups = ugi.getGroupNames();
  if (userGroups == null || userGroups.length == 0) {
    return false;
  }

  final Set<String> adminUserGroupsSet = Sets.newHashSet(SPLITTER.split(adminGroups));
  for (String userGroup : userGroups) {
    if (adminUserGroupsSet.contains(userGroup)) {
      return true;
    }
  }

  return false;
}
 
Example 5
Project: hadoop   File: AccessControlList.java   View Source Code Vote up 5 votes
/**
 * Checks if a user represented by the provided {@link UserGroupInformation}
 * is a member of the Access Control List
 * @param ugi UserGroupInformation to check if contained in the ACL
 * @return true if ugi is member of the list
 */
public final boolean isUserInList(UserGroupInformation ugi) {
  if (allAllowed || users.contains(ugi.getShortUserName())) {
    return true;
  } else {
    for(String group: ugi.getGroupNames()) {
      if (groups.contains(group)) {
        return true;
      }
    }
  }
  return false;
}
 
Example 6
Project: hadoop   File: GetGroupsTestBase.java   View Source Code Vote up 5 votes
private static String getExpectedOutput(UserGroupInformation user) {
  String expectedOutput = user.getUserName() + " :";
  for (String group : user.getGroupNames()) {
    expectedOutput += " " + group;
  }
  return expectedOutput + System.getProperty("line.separator");
}
 
Example 7
Project: hadoop   File: TestRMAdminService.java   View Source Code Vote up 4 votes
@Test
public void
    testRefreshUserToGroupsMappingsWithFileSystemBasedConfigurationProvider()
        throws IOException, YarnException {
  configuration.set(YarnConfiguration.RM_CONFIGURATION_PROVIDER_CLASS,
      "org.apache.hadoop.yarn.FileSystemBasedConfigurationProvider");

  String[] defaultTestUserGroups = {"dummy_group1", "dummy_group2"};
  UserGroupInformation ugi = UserGroupInformation.createUserForTesting
      ("dummyUser", defaultTestUserGroups);

  String user = ugi.getUserName();
  List<String> groupWithInit = new ArrayList<String>(2);
   for(int i = 0; i < ugi.getGroupNames().length; i++ ) {
     groupWithInit.add(ugi.getGroupNames()[i]);
   }

  // upload default configurations
  uploadDefaultConfiguration();
  Configuration conf = new Configuration();
  conf.setClass(CommonConfigurationKeys.HADOOP_SECURITY_GROUP_MAPPING,
      MockUnixGroupsMapping.class,
      GroupMappingServiceProvider.class);
  uploadConfiguration(conf, "core-site.xml");

  try {
    rm = new MockRM(configuration);
    rm.init(configuration);
    rm.start();
  } catch (Exception ex) {
    fail("Should not get any exceptions");
  }

  // Make sure RM will use the updated GroupMappingServiceProvider
  List<String> groupBefore =
      new ArrayList<String>(Groups.getUserToGroupsMappingService(
          configuration).getGroups(user));
  Assert.assertTrue(groupBefore.contains("test_group_A")
      && groupBefore.contains("test_group_B")
      && groupBefore.contains("test_group_C") && groupBefore.size() == 3);
  Assert.assertTrue(groupWithInit.size() != groupBefore.size());
  Assert.assertFalse(groupWithInit.contains("test_group_A")
      || groupWithInit.contains("test_group_B")
      || groupWithInit.contains("test_group_C"));

  // update the groups
  MockUnixGroupsMapping.updateGroups();

  rm.adminService
      .refreshUserToGroupsMappings(RefreshUserToGroupsMappingsRequest
          .newInstance());
  List<String> groupAfter =
      Groups.getUserToGroupsMappingService(configuration).getGroups(user);

  // should get the updated groups
  Assert.assertTrue(groupAfter.contains("test_group_D")
      && groupAfter.contains("test_group_E")
      && groupAfter.contains("test_group_F") && groupAfter.size() == 3);

}